-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update templates for Traefik version 2
- Loading branch information
Showing
3 changed files
with
52 additions
and
62 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--- | ||
default_rule: "{% raw %}Host(`{{ normalize .Name }}.example.domain`){% endraw %}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,23 +1,27 @@ | ||
version: '2' | ||
version: '3.6' | ||
|
||
networks: | ||
web: | ||
traefik_web: | ||
driver: "bridge" | ||
|
||
services: | ||
proxy: | ||
image: "traefik:1.6.6" | ||
command: "--logLevel=ERROR" | ||
image: "traefik:v2.2" | ||
# command: "--logLevel=ERROR" | ||
ports: | ||
- "80:80" | ||
- "443:443" | ||
volumes: | ||
- "/var/run/docker.sock:/var/run/docker.sock:ro" | ||
- "{{ reverseproxy.data }}/:/cert/" | ||
- "{{ reverseproxy.data }}/:/letsencrypt/" | ||
- "{{ reverseproxy.conf }}/:/etc/traefik/:ro" | ||
labels: | ||
- "traefik.enable=false" # set to true to expose Monitoring & API | ||
- "traefik.backend=proxy" | ||
- "traefik.port=8080" | ||
- "traefik.enable=true" | ||
## global redirect to https | ||
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" | ||
- "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" | ||
- "traefik.http.routers.http-catchall.entrypoints=web" | ||
- "traefik.http.routers.http-catchall.middlewares=redirect-to-https" | ||
networks: | ||
- "web" | ||
- "traefik_web" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,58 +1,42 @@ | ||
# accept self-signed SSL certs for backends | ||
InsecureSkipVerify = true | ||
[global] | ||
checkNewVersion = false | ||
sendAnonymousUsage = false | ||
|
||
defaultEntryPoints = ["http", "https"] | ||
|
||
[acme] | ||
email = "{{ reverseproxy.letsencrypt_email }}" | ||
storage = "cert/acme.json" | ||
entryPoint = "https" | ||
onDemand = false | ||
OnHostRule = true | ||
|
||
[acme.httpChallenge] | ||
entryPoint = "http" | ||
[serversTransport] | ||
insecureSkipVerify = true | ||
|
||
[entryPoints] | ||
[entryPoints.http] | ||
[entryPoints.web] | ||
address = ":80" | ||
[entryPoints.http.redirect] | ||
entryPoint = "https" | ||
[entryPoints.https] | ||
|
||
[entryPoints.websecure] | ||
address = ":443" | ||
[entryPoints.https.tls] | ||
|
||
[web] | ||
# own web server address (displays statistics) | ||
address = ":8080" | ||
|
||
[docker] | ||
endpoint = "unix:///var/run/docker.sock" | ||
domain = "docker.local" | ||
watch = true | ||
exposedbydefault = false | ||
|
||
# new domains and subdomains can be configured here. | ||
# note that domains and subdomains not defined in this file will still work, | ||
# when defined in a container Host-Rule. However, they will generate | ||
# their own ACME request, and will count towards LetsEncrypt's rate limit. | ||
# | ||
#[[acme.domains]] | ||
# main = "example.com" | ||
# sans = [ | ||
# # services | ||
# "mumble.example.com", | ||
# # ... | ||
# | ||
# # web vhosts: | ||
# "www.example.com", | ||
# "git.example.com", | ||
# "mail.example.com", | ||
# "chat.example.com", | ||
# ] | ||
|
||
# You can define multiple of these blocks, each of which will result in one | ||
# certificate. | ||
#[[acme.domains]] | ||
# main = "example.org" | ||
# sans = ["www.example.org", "mail.example.org"] | ||
|
||
[log] | ||
level = "INFO" | ||
|
||
[accessLog] | ||
format = "common" | ||
filePath = "/dev/null" | ||
|
||
# [api] | ||
# dashboard = true | ||
|
||
# [metrics] | ||
# [metrics.prometheus] | ||
# entryPoint = "traefik" | ||
# buckets = [0.1,0.3,1.2,5.0] | ||
# [ping] | ||
|
||
[providers.docker] | ||
network = "traefik_web" | ||
exposedByDefault = false | ||
defaultRule = "{{ reverseproxy.default_rule | default(default_rule, true) }}" | ||
|
||
[certificatesResolvers.mytls.acme] | ||
email = "{{ reverseproxy.letsencrypt_email }}" | ||
storage = "/letsencrypt/acme.json" | ||
[certificatesResolvers.mytls.acme.httpChallenge] | ||
# used during the challenge | ||
entryPoint = "web" | ||
|